package com.wtj.security.controller;

import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;

@RestController
public class HelloController {
    /**
     * curl http://localhost:8080/hello
     * @return
     */
    @GetMapping("/hello")
    @PreAuthorize("hasAuthority('test')")
    public String hello(){
        return "hello,security";
    }
    //2.使用注解，这里也就是当用户有test权限后才能访问当前接口
    @PreAuthorize("hasAuthority('system:dept:list')")
    @GetMapping("/test")
    public String test(){
        return "hello,test";
    }
}
